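CN113949557B - Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment - Google Patents
Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment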
- Publication number
- CN113949557B
- Authority
- CN
- China
- Prior art keywords
- actions
- user
- users
- service
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/086—Access security using security domains
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111195996.2A CN113949557B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |
Applications Claiming Priority (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201762523668P | 2017-06-22 | 2017-06-22 | |
US62/523,668 | 2017-06-22 | ||
US16/011,538 US10701094B2 (en) | 2017-06-22 | 2018-06-18 | Techniques for monitoring privileged users and detecting anomalous activities in a computing environment |
US16/011,538 | 2018-06-18 | ||
PCT/US2018/038347 WO2018236915A1 (en) | 2017-06-22 | 2018-06-19 | TECHNIQUES FOR MONITORING PRIVILEGED USERS AND DETECTING ABNORMAL ACTIVITIES IN A COMPUTER ENVIRONMENT |
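CN201880052275.6A CN110999250B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |
CN202111195996.2A CN113949557B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |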
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201880052275.6A Division CN110999250B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113949557A (zh) | 2022-01-18 |
CN113949557B (zh) | 2024-04-02 |
Family
ID=64692857
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
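CN202111195996.2A Active CN113949557B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |
CN201880052275.6A Active CN110999250B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |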
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201880052275.6A Active CN110999250B (zh) | 2017-06-22 | 2018-06-19 | Methods, systems, and media for monitoring privileged users and detecting anomalous activities in a computing environment |
Country Status (5)
Country | Link |
---|---|
US (3) | US10701094B2 (de) |
EP (1) | EP3643033B1 (de) |
JP (3) | JP7035096B2 (de) |
CN (2) | CN113949557B (de) |
WO (1) | WO2018236915A1 (de) |
Families Citing this family (140)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10356080B2 (en) | 2017-03-17 | 2019-07-16 | Verizon Patent And Licensing Inc. | System and method for centralized authentication and authorization for cloud platform with multiple deployments |
US10999296B2 (en) * | 2017-05-15 | 2021-05-04 | Forcepoint, LLC | Generating adaptive trust profiles using information derived from similarly situated organizations |
US11005864B2 (en) | 2017-05-19 | 2021-05-11 | Salesforce.Com, Inc. | Feature-agnostic behavior profile based anomaly detection |
US10701094B2 (en) | 2017-06-22 | 2020-06-30 | Oracle International Corporation | Techniques for monitoring privileged users and detecting anomalous activities in a computing environment |
US10764295B2 (en) * | 2017-08-08 | 2020-09-01 | International Business Machines Corporation | Monitoring service policy management |
US10313413B2 (en) * | 2017-08-28 | 2019-06-04 | Banjo, Inc. | Detecting events from ingested communication signals |
US10911308B2 (en) * | 2017-09-18 | 2021-02-02 | Rapyuta Robotics Co., Ltd. | Auto-determining and installing missing components to a to-be-managed device by a single execution of unique device setup command |
US10999325B1 (en) * | 2017-10-20 | 2021-05-04 | Skyhigh Networks, Llc | Cloud security system implementing service action categorization |
US11785104B2 (en) * | 2017-11-27 | 2023-10-10 | Lacework, Inc. | Learning from similar cloud deployments |
US11973784B1 (en) | 2017-11-27 | 2024-04-30 | Lacework, Inc. | Natural language interface for an anomaly detection framework |
US11818156B1 (en) | 2017-11-27 | 2023-11-14 | Lacework, Inc. | Data lake-enabled security platform |
US11894984B2 (en) * | 2017-11-27 | 2024-02-06 | Lacework, Inc. | Configuring cloud deployments based on learnings obtained by monitoring other cloud deployments |
US11770398B1 (en) | 2017-11-27 | 2023-09-26 | Lacework, Inc. | Guided anomaly detection framework |
US10715458B1 (en) * | 2017-12-08 | 2020-07-14 | Amazon Technologies, Inc. | Organization level identity management |
US11075946B2 (en) * | 2017-12-19 | 2021-07-27 | T-Mobile Usa, Inc. | Honeypot adaptive security system |
US11075935B2 (en) | 2017-12-22 | 2021-07-27 | Kpmg Llp | System and method for identifying cybersecurity threats |
US10762103B2 (en) | 2017-12-27 | 2020-09-01 | Paypal, Inc. | Calculating representative location information for network addresses |
US10805305B2 (en) * | 2018-02-07 | 2020-10-13 | Apatics, Inc. | Detection of operational threats using artificial intelligence |
US11277421B2 (en) * | 2018-02-20 | 2022-03-15 | Citrix Systems, Inc. | Systems and methods for detecting and thwarting attacks on an IT environment |
US10733329B1 (en) * | 2018-04-20 | 2020-08-04 | Automation Anywhere, Inc. | Robotic process automation system and method with secure credential vault |
CN109861953B (zh) * | 2018-05-14 | 2020-08-21 | 新华三信息安全技术有限公司 | Abnormal user identification method and device |
US10735443B2 (en) * | 2018-06-06 | 2020-08-04 | Reliaquest Holdings, Llc | Threat mitigation system and method |
US11709946B2 (en) | 2018-06-06 | 2023-07-25 | Reliaquest Holdings, Llc | Threat mitigation system and method |
US11438357B2 (en) | 2018-06-22 | 2022-09-06 | Senseon Tech Ltd | Endpoint network sensor and related cybersecurity infrastructure |
GB201810294D0 (en) | 2018-06-22 | 2018-08-08 | Senseon Tech Ltd | Cybe defence system |
GB2602254B (en) | 2020-12-15 | 2023-04-05 | Senseon Tech Ltd | Network traffic monitoring |
US11271801B2 (en) * | 2018-06-27 | 2022-03-08 | T-Mobile Usa, Inc. | Compromised network node detection system |
US11362910B2 (en) * | 2018-07-17 | 2022-06-14 | International Business Machines Corporation | Distributed machine learning for anomaly detection |
US10796019B2 (en) * | 2018-07-17 | 2020-10-06 | Dell Products L.P. | Detecting personally identifiable information (PII) in telemetry data |
JP6669954B2 (ja) * | 2018-08-14 | 2020-03-18 | デジタルア−ツ株式会社 | Information processing device, information processing method, and information processing program |
US10956595B2 (en) * | 2018-08-16 | 2021-03-23 | Super Auth, Inc. | User access management from anywhere and prevent intruders by notifying the users after a predetermined time interval |
US11310276B2 (en) * | 2018-09-17 | 2022-04-19 | International Business Machines Corporation | Adjusting resiliency policies for cloud services based on a resiliency score |
GB2580467A (en) * | 2018-09-20 | 2020-07-22 | Idera Inc | Database access, monitoring, and control system and method for reacting to suspicious database activities |
US10728307B2 (en) * | 2018-10-08 | 2020-07-28 | Sonrai Security Inc. | Cloud intelligence data model and framework |
US11258827B2 (en) * | 2018-10-19 | 2022-02-22 | Oracle International Corporation | Autonomous monitoring of applications in a cloud environment |
US10681056B1 (en) | 2018-11-27 | 2020-06-09 | Sailpoint Technologies, Inc. | System and method for outlier and anomaly detection in identity management artificial intelligence systems using cluster based analysis of network identity graphs |
US10341430B1 (en) | 2018-11-27 | 2019-07-02 | Sailpoint Technologies, Inc. | System and method for peer group detection, visualization and analysis in identity management artificial intelligence systems using cluster based analysis of network identity graphs |
US11178169B2 (en) * | 2018-12-27 | 2021-11-16 | Paypal, Inc. | Predicting online electronic attacks based on other attacks |
US11487873B2 (en) * | 2019-01-22 | 2022-11-01 | EMC IP Holding Company LLC | Risk score generation utilizing monitored behavior and predicted impact of compromise |
US11416641B2 (en) * | 2019-01-24 | 2022-08-16 | Netskope, Inc. | Incident-driven introspection for data loss prevention |
US11074341B2 (en) | 2019-02-10 | 2021-07-27 | Microsoft Technology Licensing, Llc | Dynamic cybersecurity peer identification using groups |
US10523682B1 (en) | 2019-02-26 | 2019-12-31 | Sailpoint Technologies, Inc. | System and method for intelligent agents for decision support in network identity graph based identity management artificial intelligence systems |
US10554665B1 (en) | 2019-02-28 | 2020-02-04 | Sailpoint Technologies, Inc. | System and method for role mining in identity management artificial intelligence systems using cluster based analysis of network identity graphs |
US20200287915A1 (en) * | 2019-03-04 | 2020-09-10 | Microsoft Technology Licensing, Llc | Automated generation and deployment of honey tokens in provisioned resources on a remote computer resource platform |
CN111767533A (zh) * | 2019-04-01 | 2020-10-13 | 富泰华工业(深圳)有限公司 | Offline-mode user authorization method, device, electronic device, and storage medium |
US10992706B2 (en) | 2019-04-30 | 2021-04-27 | Netiq Corporation | Detection of cyber attacks from high-frequency hashed incorrect passwords |
US11245702B2 (en) | 2019-05-08 | 2022-02-08 | Red Hat, Inc. | Security vulnerability assessment for users of a cloud computing environment |
US11418544B2 (en) * | 2019-06-20 | 2022-08-16 | Servicenow, Inc. | Solution management systems and methods for addressing cybersecurity vulnerabilities |
US11562170B2 (en) * | 2019-07-15 | 2023-01-24 | Microsoft Technology Licensing, Llc | Modeling higher-level metrics from graph data derived from already-collected but not yet connected data |
US11709855B2 (en) | 2019-07-15 | 2023-07-25 | Microsoft Technology Licensing, Llc | Graph embedding already-collected but not yet connected data |
US10581851B1 (en) | 2019-07-17 | 2020-03-03 | Capital One Services, Llc | Change monitoring and detection for a cloud computing environment |
US11496492B2 (en) * | 2019-08-14 | 2022-11-08 | Hewlett Packard Enterprise Development Lp | Managing false positives in a network anomaly detection system |
US11388175B2 (en) | 2019-09-05 | 2022-07-12 | Cisco Technology, Inc. | Threat detection of application traffic flows |
US11334604B2 (en) | 2019-09-12 | 2022-05-17 | Snowflake Inc. | Private data exchange |
US10798100B1 (en) * | 2019-09-12 | 2020-10-06 | Snowflake Inc. | Managing membership in a private data exchange |
GB201915265D0 (en) | 2019-10-22 | 2019-12-04 | Senseon Tech Ltd | Anomaly detection |
US11461728B2 (en) | 2019-11-05 | 2022-10-04 | International Business Machines Corporation | System and method for unsupervised abstraction of sensitive data for consortium sharing |
US11599884B2 (en) | 2019-11-05 | 2023-03-07 | International Business Machines Corporation | Identification of behavioral pattern of simulated transaction data |
US11842357B2 (en) | 2019-11-05 | 2023-12-12 | International Business Machines Corporation | Intelligent agent to simulate customer data |
US20210136059A1 (en) * | 2019-11-05 | 2021-05-06 | Salesforce.Com, Inc. | Monitoring resource utilization of an online system based on browser attributes collected for a session |
US11556734B2 (en) | 2019-11-05 | 2023-01-17 | International Business Machines Corporation | System and method for unsupervised abstraction of sensitive data for realistic modeling |
US11488185B2 (en) | 2019-11-05 | 2022-11-01 | International Business Machines Corporation | System and method for unsupervised abstraction of sensitive data for consortium sharing |
US11488172B2 (en) | 2019-11-05 | 2022-11-01 | International Business Machines Corporation | Intelligent agent to simulate financial transactions |
US11475467B2 (en) | 2019-11-05 | 2022-10-18 | International Business Machines Corporation | System and method for unsupervised abstraction of sensitive data for realistic modeling |
US11676218B2 (en) * | 2019-11-05 | 2023-06-13 | International Business Machines Corporation | Intelligent agent to simulate customer data |
US11461793B2 (en) | 2019-11-05 | 2022-10-04 | International Business Machines Corporation | Identification of behavioral pattern of simulated transaction data |
US11475468B2 (en) | 2019-11-05 | 2022-10-18 | International Business Machines Corporation | System and method for unsupervised abstraction of sensitive data for detection model sharing across entities |
US11606262B2 (en) * | 2019-11-08 | 2023-03-14 | International Business Machines Corporation | Management of a computing system with multiple domains |
US11416771B2 (en) * | 2019-11-11 | 2022-08-16 | International Business Machines Corporation | Self-learning peer group analysis for optimizing identity and access management environments |
US11611576B2 (en) * | 2019-12-11 | 2023-03-21 | GE Precision Healthcare LLC | Methods and systems for securing an imaging system |
US11321446B2 (en) * | 2019-12-16 | 2022-05-03 | Dell Products L.P. | System and method to ensure secure and automatic synchronization of credentials across devices |
US11012326B1 (en) | 2019-12-17 | 2021-05-18 | CloudFit Software, LLC | Monitoring user experience using data blocks for secure data access |
US10877867B1 (en) | 2019-12-17 | 2020-12-29 | CloudFit Software, LLC | Monitoring user experience for cloud-based services |
US11481304B1 (en) * | 2019-12-22 | 2022-10-25 | Automation Anywhere, Inc. | User action generated process discovery |
US11838300B1 (en) * | 2019-12-24 | 2023-12-05 | Musarubra Us Llc | Run-time configurable cybersecurity system |
US20210200955A1 (en) * | 2019-12-31 | 2021-07-01 | Paypal, Inc. | Sentiment analysis for fraud detection |
US11799889B2 (en) * | 2019-12-31 | 2023-10-24 | Intuit, Inc. | Web service usage anomaly detection and prevention |
US11770374B1 (en) * | 2019-12-31 | 2023-09-26 | Cigna Intellectual Property, Inc. | Computer user credentialing and verification system |
US11436149B2 (en) | 2020-01-19 | 2022-09-06 | Microsoft Technology Licensing, Llc | Caching optimization with accessor clustering |
EP4094414B1 (de) * | 2020-01-20 | 2023-10-18 | Bull Sas | Intrusion detection method for detecting malicious insider activities and intrusion detection system |
US11637910B2 (en) * | 2020-08-20 | 2023-04-25 | Zscaler, Inc. | Cloud access security broker systems and methods with an in-memory data store |
WO2021165933A1 (en) * | 2020-02-20 | 2021-08-26 | Celestya Ltd. | Method and system for online user behavior management |
US11575677B2 (en) * | 2020-02-24 | 2023-02-07 | Fmr Llc | Enterprise access control governance in a computerized information technology (IT) architecture |
WO2021171093A1 (en) * | 2020-02-28 | 2021-09-02 | Darktrace, Inc. | Cyber security for a software-as-a-service factoring risk |
CN111488594B (zh) * | 2020-03-03 | 2023-11-03 | 杭州未名信科科技有限公司 | Cloud-server-based permission checking method, device, storage medium, and terminal |
US11461677B2 (en) | 2020-03-10 | 2022-10-04 | Sailpoint Technologies, Inc. | Systems and methods for data correlation and artifact matching in identity management artificial intelligence systems |
US11425155B2 (en) * | 2020-03-12 | 2022-08-23 | The Aerospace Corporation | Monitoring the integrity of a space vehicle |
US11689550B2 (en) * | 2020-03-13 | 2023-06-27 | Mcafee, Llc | Methods and apparatus to analyze network traffic for malicious activity |
TWI758705B (zh) * | 2020-03-30 | 2022-03-21 | 台北富邦商業銀行股份有限公司 | Intelligent anti-hacking privilege governance system |
CN111562930A (zh) * | 2020-04-30 | 2020-08-21 | 深圳壹账通智能科技有限公司 | Method and system for upgrading web application security |
US11438364B2 (en) * | 2020-04-30 | 2022-09-06 | Bank Of America Corporation | Threat analysis for information security |
US11030565B1 (en) * | 2020-05-18 | 2021-06-08 | Grant Thornton Llp | System and method for audit report generation from structured data |
JP7413924B2 (ja) | 2020-05-25 | 2024-01-16 | 富士フイルムビジネスイノベーション株式会社 | Information processing device and information processing program |
US10862928B1 (en) | 2020-06-12 | 2020-12-08 | Sailpoint Technologies, Inc. | System and method for role validation in identity management artificial intelligence systems using analysis of network identity graphs |
US20210392146A1 (en) * | 2020-06-16 | 2021-12-16 | Zscaler, Inc. | Machine Learning-based user and entity behavior analysis for network security |
US20210397903A1 (en) * | 2020-06-18 | 2021-12-23 | Zoho Corporation Private Limited | Machine learning powered user and entity behavior analysis |
CN111786980A (zh) * | 2020-06-24 | 2020-10-16 | 广州海颐信息安全技术有限公司 | Behavior-based privileged account threat alerting method |
WO2022005914A1 (en) * | 2020-06-29 | 2022-01-06 | Illumina, Inc. | Temporary cloud provider credentials via secure discovery framework |
CN111967011B (zh) * | 2020-07-10 | 2022-10-14 | 电子科技大学 | Interpretability-based insider threat assessment method |
CN112231336B (zh) | 2020-07-17 | 2023-07-25 | 北京百度网讯科技有限公司 | Method, device, storage medium, and electronic device for identifying a user |
US11722510B2 (en) * | 2020-08-10 | 2023-08-08 | Bank Of America Corporation | Monitoring and preventing remote user automated cyber attacks |
US11979473B2 (en) | 2020-08-20 | 2024-05-07 | Zscaler, Inc. | Cloud access security broker systems and methods with an in-memory data store |
US10938828B1 (en) | 2020-09-17 | 2021-03-02 | Sailpoint Technologies, Inc. | System and method for predictive platforms in identity management artificial intelligence systems using analysis of network identity graphs |
US11645391B2 (en) | 2020-10-09 | 2023-05-09 | Saudi Arabian Oil Company | Protecting computer systems against malicious software stored on removeable data storage devices |
CN112306835B (zh) * | 2020-11-02 | 2024-05-28 | 平安科技(深圳)有限公司 | User data monitoring and analysis method, device, equipment, and medium |
US11196775B1 (en) | 2020-11-23 | 2021-12-07 | Sailpoint Technologies, Inc. | System and method for predictive modeling for entitlement diffusion and role evolution in identity management artificial intelligence systems using network identity graphs |
WO2022113348A1 (ja) * | 2020-11-30 | 2022-06-02 | 三菱電機株式会社 | Development-side security analysis support device, operations-side security analysis support device, and security analysis support system |
US20230077527A1 (en) * | 2020-12-31 | 2023-03-16 | Ajay Sarkar | Local agent system for obtaining hardware monitoring and risk information utilizing machine learning models |
US11487639B2 (en) | 2021-01-21 | 2022-11-01 | Vmware, Inc. | User experience scoring and user interface |
US11586526B2 (en) | 2021-01-22 | 2023-02-21 | Vmware, Inc. | Incident workflow interface for application analytics |
US20220237097A1 (en) * | 2021-01-22 | 2022-07-28 | Vmware, Inc. | Providing user experience data to tenants |
US11777959B2 (en) * | 2021-02-12 | 2023-10-03 | Capital One Services, Llc | Digital security violation system |
US11295241B1 (en) * | 2021-02-19 | 2022-04-05 | Sailpoint Technologies, Inc. | System and method for incremental training of machine learning models in artificial intelligence systems, including incremental training using analysis of network identity graphs |
US20220271938A1 (en) * | 2021-02-24 | 2022-08-25 | Shopify Inc. | Methods and apparatus to manage application access in networked environments |
US11894971B2 (en) * | 2021-03-31 | 2024-02-06 | Equifax Inc. | Techniques for prediction models using time series data |
US11556637B2 (en) | 2021-04-05 | 2023-01-17 | Bank Of America Corporation | Information security system and method for anomaly and security threat detection |
US11809534B2 (en) * | 2021-04-22 | 2023-11-07 | International Business Machines Corporation | Role design advisor |
US20220393942A1 (en) * | 2021-04-26 | 2022-12-08 | NetBrain Technologies, Inc. | Network intent management and automation |
US11811807B2 (en) * | 2021-05-27 | 2023-11-07 | Microsoft Technology Licensing, Llc | Conditional security measures using rolling set of risk scores |
US11831688B2 (en) * | 2021-06-18 | 2023-11-28 | Capital One Services, Llc | Systems and methods for network security |
US11856015B2 (en) * | 2021-06-24 | 2023-12-26 | Microsoft Technology Licensing, Llc | Anomalous action security assessor |
US11372921B1 (en) * | 2021-07-29 | 2022-06-28 | Accenture Global Solutions Limited | Active directory management and remediation |
US11227055B1 (en) | 2021-07-30 | 2022-01-18 | Sailpoint Technologies, Inc. | System and method for automated access request recommendations |
US20230031380A1 (en) * | 2021-07-30 | 2023-02-02 | APPDIRECT, Inc. | Encryption key rotation |
US20230049749A1 (en) * | 2021-08-13 | 2023-02-16 | People Center, Inc. | Resource Provisioning Based on Estimation of Risk |
WO2023064007A1 (en) * | 2021-10-11 | 2023-04-20 | Sophos Limited | Augmented threat investigation |
GB202405277D0 (en) * | 2021-10-11 | 2024-05-29 | Sophos Ltd | Augmented threat investigation |
US20230141928A1 (en) * | 2021-10-13 | 2023-05-11 | Oracle International Corporation | Adaptive network attack prediction system |
US20230129466A1 (en) * | 2021-10-25 | 2023-04-27 | Zscaler, Inc. | Identity intelligence in cloud-based services |
US11856592B2 (en) * | 2021-10-27 | 2023-12-26 | International Business Machines Corporation | Multi-dimensional mapping and user cognitive profile based device control and channel assignment |
US20230134546A1 (en) * | 2021-10-29 | 2023-05-04 | Oracle International Corporation | Network threat analysis system |
US20230161662A1 (en) * | 2021-11-19 | 2023-05-25 | Johannes Wollny | Systems and methods for data-driven proactive detection and remediation of errors on endpoint computing systems |
WO2023183000A1 (en) * | 2022-03-25 | 2023-09-28 | Rakuten Symphony Singapore Pte. Ltd. | Dynamic privileged access request system |
US20230388313A1 (en) * | 2022-05-31 | 2023-11-30 | Acronis International Gmbh | Automatic User Group Manager |
US11658881B1 (en) | 2022-06-30 | 2023-05-23 | Bank Of America Corporation | System and method for predicting anomalous requests and preventing anomalous interactions in a network |
US11743280B1 (en) * | 2022-07-29 | 2023-08-29 | Intuit Inc. | Identifying clusters with anomaly detection |
WO2024076453A1 (en) * | 2022-10-06 | 2024-04-11 | Microsoft Technology Licensing, Llc | Cybersecurity insider risk management |
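CN116366310B (zh) * | 2023-02-28 | 2023-11-21 | 深圳市众志天成科技有限公司 | Cloud service method and apparatus based on information security |
CN117850714B (zh) * | 2024-03-04 | 2024-05-07 | 珠海芯烨电子科技有限公司 | Cloud printer data auditing method and related apparatus |
CN118155784B (zh) * | 2024-05-09 | 2024-07-12 | 江苏法迈生医学科技有限公司 | Data security management method for a clinical trial management system |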
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
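CN103563294A (zh) * | 2011-06-30 | 2014-02-05 | 国际商业机器公司 | Authentication and authorization methods for cloud computing platform security |
CN103916454A (zh) * | 2013-01-02 | 2014-07-09 | 国际商业机器公司 | Extending organizational boundaries throughout a cloud architecture |
CN104487948A (zh) * | 2012-09-07 | 2015-04-01 | 甲骨文国际公司 | System and method for workflow orchestration for use with a cloud computing environment |
CN105874767A (zh) * | 2013-12-19 | 2016-08-17 | 微软技术许可有限责任公司 | Detecting anomalous activity from accounts of an online service |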
WO2016177437A1 (en) * | 2015-05-05 | 2016-11-10 | Balabit S.A. | Computer-implemented method for determining computer system security threats, security operations center system and computer program product |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2711861A1 (de) | 2012-09-20 | 2014-03-26 | Alcatel-Lucent | Method and system for controlling changes in an operating system |
JP6053133B2 (ja) | 2012-12-10 | 2016-12-27 | 株式会社日立システムズ | Privileged user ID lending system, privileged user ID lending method, and program |
US8881249B2 (en) * | 2012-12-12 | 2014-11-04 | Microsoft Corporation | Scalable and automated secret management |
US9674211B2 (en) | 2013-01-30 | 2017-06-06 | Skyhigh Networks, Inc. | Cloud service usage risk assessment using darknet intelligence |
US9876804B2 (en) | 2013-10-20 | 2018-01-23 | Cyber-Ark Software Ltd. | Method and system for detecting unauthorized access to and use of network resources |
US9692789B2 (en) | 2013-12-13 | 2017-06-27 | Oracle International Corporation | Techniques for cloud security monitoring and threat intelligence |
US10063654B2 (en) | 2013-12-13 | 2018-08-28 | Oracle International Corporation | Systems and methods for contextual and cross application threat detection and prediction in cloud applications |
US9852208B2 (en) | 2014-02-25 | 2017-12-26 | International Business Machines Corporation | Discovering communities and expertise of users using semantic analysis of resource access logs |
CA2951723C (en) * | 2014-06-10 | 2021-04-27 | Sightline Innovation Inc. | System and method for network based application development and implementation |
CN107409126B (zh) | 2015-02-24 | 2021-03-09 | 思科技术公司 | System and method for securing an enterprise computing environment |
US10042697B2 (en) * | 2015-05-28 | 2018-08-07 | Oracle International Corporation | Automatic anomaly detection and resolution system |
CN106341386B (zh) | 2015-07-07 | 2018-09-25 | 埃森哲环球服务有限公司 | Threat assessment level determination and remediation for a cloud-based multi-layer security architecture |
US10536478B2 (en) | 2016-02-26 | 2020-01-14 | Oracle International Corporation | Techniques for discovering and managing security of applications |
US10142362B2 (en) | 2016-06-02 | 2018-11-27 | Zscaler, Inc. | Cloud based systems and methods for determining security risks of users and groups |
US10701094B2 (en) | 2017-06-22 | 2020-06-30 | Oracle International Corporation | Techniques for monitoring privileged users and detecting anomalous activities in a computing environment |
- 2018
  - 2018-06-18: US, application US16/011,538, publication US10701094B2, status Active
  - 2018-06-19: CN, application CN202111195996.2A, publication CN113949557B, status Active
  - 2018-06-19: JP, application JP2019570846A, publication JP7035096B2, status Active
  - 2018-06-19: CN, application CN201880052275.6A, publication CN110999250B, status Active
  - 2018-06-19: WO, application PCT/US2018/038347, publication WO2018236915A1, status unknown
  - 2018-06-19: EP, application EP18739698.1A, publication EP3643033B1, status Active
- 2020
  - 2020-06-29: US, application US16/914,797, publication US11483328B2, status Active
- 2022
  - 2022-03-02: JP, application JP2022031870A, publication JP7279227B2, status Active
  - 2022-10-25: US, application US17/973,274, publication US20230126571A1, status Pending
- 2023
  - 2023-05-10: JP, application JP2023077773A, publication JP2023103341A, status Pending
Also Published As
Publication number | Publication date |
---|---|
CN110999250A (zh) | 2020-04-10 |
CN110999250B (zh) | 2021-11-05 |
EP3643033A1 (de) | 2020-04-29 |
JP2020524855A (ja) | 2020-08-20 |
JP7279227B2 (ja) | 2023-05-22 |
WO2018236915A1 (en) | 2018-12-27 |
US20230126571A1 (en) | 2023-04-27 |
CN113949557A (zh) | 2022-01-18 |
JP2023103341A (ja) | 2023-07-26 |
JP7035096B2 (ja) | 2022-03-14 |
US11483328B2 (en) | 2022-10-25 |
JP2022071111A (ja) | 2022-05-13 |
US10701094B2 (en) | 2020-06-30 |
EP3643033B1 (de) | 2021-11-10 |
US20200329066A1 (en) | 2020-10-15 |
US20180375886A1 (en) | 2018-12-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113949557B (zh) | Method, system, and medium for monitoring privileged users and detecting anomalous activities in a computing environment | |
US11734148B2 (en) | Testing cloud application integrations, data, and protocols | |
US11258827B2 (en) | Autonomous monitoring of applications in a cloud environment | |
US11637844B2 (en) | Cloud-based threat detection | |
US11055417B2 (en) | High granularity application and data security in cloud environments | |
US11165800B2 (en) | Cloud based security monitoring using unsupervised pattern recognition and deep learning | |
JP7358564B2 (ja) | Introduction of dynamic policies and visualization of access for detecting threats | |
US11265329B2 (en) | Mechanisms for anomaly detection and access management | |
US11368481B2 (en) | Techniques for discovering and managing security of applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||